[VU:306792] Bouncy Castle BKS-V1 keystore files vulnerable to trivial hash collisions
Severity
Medium
CVEs
1
Overview
Bouncy Castle BKS version 1 keystore files use an HMAC that is only 16 bits long, which can allow an attacker to compromise the integrity of a BKS-V1 keystore.
Impact
A BKS file that was created with Bouncy Castle 1.46 or earlier, or 1.49 or later as the "BKS-V1" format will have insufficient protection against bruteforce cracking. This may allow an attacker bypass BKS integrity checking.
Solution
Do not rely on version 1 BKS keystore files BKS version 1 keystore files are not cryptographically sound. A more robust keystore format should be used instead.
Acknowledgements
This vulnerability was reported by Will Dormann of the CERT/CC.
- ID
- VU:306792
- Severity
- medium
- Severity from
- CVE-2018-5382
- URL
- https://kb.cert.org/vuls/id/306792
- Published
-
2018-03-19T11:35:47
(6 years ago) - Modified
-
2018-04-04T15:27:54
(6 years ago) - Rights
- Copyright 2018, CERT Coordination Center (CERT/CC)
- Other Advisories
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |